Enterprise security company Proofpoint, Inc. has recently released its 2018 Edition of Surviving Email Fraud: A Practical Guide to Protecting Your Organisation. The publication states that since the FBI began tracking simple email fraud attacks in 2015, more than 22,000 organisations worldwide have fallen victim to them, losing an estimated $3.08 billion.
Proofpoint states that unlike other cyberattacks, many fraudulent emails don’t contain malware or malicious URLs. Instead, they take advantage of social engineering. In email fraud attacks, your staff are tricked into thinking they are receiving an email from a boss, co-worker, vendor or partner. The email will request bank transfers, tax records and other sensitive data. To staff who haven’t been properly briefed on this possibility, these emails often appear completely legitimate.
How to protect your organisation from email fraud
According to the report, you can take preventative action against email fraud through a combination of people, processes and technology. Before an attack, the three-pronged approach looks like:
- Email fraud awareness training for staff.
- Procedures and policies for business processes conducted via email.
- Advanced threat protection that blocks fraudulent emails before they reach employees’ inboxes. This protection should also block employees from divulging sensitive information if they are tricked into communicating with attackers.
Further information on how to survive email fraud